|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu: Security Advisory for netty (USN-4600-2)|
|Summary:||The remote host is missing an update for the 'netty'; package(s) announced via the USN-4600-2 advisory.|
The remote host is missing an update for the 'netty'
package(s) announced via the USN-4600-2 advisory.
USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides
the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty.
Also it was discovered that Netty allow for unbounded memory allocation. A
remote attacker could send a large stream to the Netty server causing it to
crash (denial of service). (CVE-2020-11612)
Original advisory details:
It was discovered that Netty had HTTP request smuggling vulnerabilities. A
remote attacker could used it to extract sensitive information. (CVE-2019-16869,
CVE-2019-20444, CVE-2019-20445, CVE-2020-7238)
'netty' package(s) on Ubuntu 18.04 LTS.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-7238|
RedHat Security Advisories: RHSA-2020:0497
RedHat Security Advisories: RHSA-2020:0567
RedHat Security Advisories: RHSA-2020:0601
RedHat Security Advisories: RHSA-2020:0605
RedHat Security Advisories: RHSA-2020:0606
RedHat Security Advisories: RHSA-2020:0804
RedHat Security Advisories: RHSA-2020:0805
RedHat Security Advisories: RHSA-2020:0806
RedHat Security Advisories: RHSA-2020:0811
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.